Client-side protection of broadcast or multicast content for non-real-time playback

ABSTRACT

A system and method are disclosed for providing client-side protection of broadcast or multicast multimedia content for non-real-time playback. A set-top box function receives a request to record multimedia content and determines whether recording of the multimedia content is restricted. Upon receiving the multimedia content, the set-top box decrypts the multimedia content for real-time playback. If recording of the multimedia content is restricted, the set-top box re-encrypts the multimedia content and generates a packaged file including the re-encrypted multimedia content and one or more of a content identifier, a set-top identifier, a network reference to a copyright policy server, and a record policy of the multimedia content. The packaged file is either stored locally or transferred to remote storage. A remote system having access to the packaged file obtains the packaged file and enforces a copyright policy of the multimedia content before releasing the multimedia content for non-real-time playback.

CROSS-REFERENCE TO RELATED APPLICATION

The present application is a continuation of U.S. patent application Ser. No. 11/611,188 filed on Dec. 15, 2006, the disclosure of which is hereby incorporated by reference in its entirety.

FIELD OF THE INVENTION

The present invention relates to a set-top box function that receives broadcast or multicast multimedia content and enables client-side protection of the multimedia content for non-real-time playback.

BACKGROUND OF THE INVENTION

In a broadcast/multicast (one-to-many) video transport system, digital watermarking can most easily be accomplished at the source of the video broadcast. This approach delivers a common watermark to each termination or client receiving the broadcast or multicast video content. However, this common watermark provides no deterrent to the user against anonymous redistributions. This redistribution can occur through public Peer-to-Peer (P2P) networks, darknets, or postings to video sharing sites.

Client-side watermarking may be used to address this issue. More specifically, client-side watermarking may be used to watermark broadcast or multicast content with information clearly identifying the end user or client device. This watermark then serves to deter the end user from violating the copyright policy by illegally redistributing the video content. However, client-side watermarking requires substantial resources and, therefore, significantly increases the cost of the client device. As such, there is a need for a low cost system providing client-side protection of broadcast or multicast content.

SUMMARY OF THE INVENTION

The present invention relates to client-side protection of broadcast or multicast multimedia content for non-real-time playback. A set-top box function receives a request to record multimedia content and determines whether recording of the multimedia content is restricted. Upon receiving the multimedia content, the set-top box decrypts the multimedia content, if necessary, for real-time playback. If recording of the multimedia content is restricted, the set-top box re-encrypts the multimedia content and generates a packaged file including the re-encrypted multimedia content and one or more of a content identifier, a set-top identifier, a network reference to a copyright policy server, and a record policy of the multimedia content. The packaged file is either stored locally or transferred to remote storage. A remote system having access to the packaged file obtains the packaged file and enforces a copyright policy of the multimedia content before releasing the multimedia content for non-real-time playback. For example, the copyright policy may require that the multimedia content be watermarked with a content identifier, a set-top identifier, and/or user information identifying an associated user, that a desired Digital Rights Management (DRM) policy be enforced, that the user purchase the multimedia content, or that the user pay a fee for non-real-time access to the multimedia content.

Those skilled in the art will appreciate the scope of the present invention and realize additional aspects thereof after reading the following detailed description of the preferred embodiments in association with the accompanying drawing figures.

BRIEF DESCRIPTION OF THE DRAWING FIGURES

The accompanying drawing figures incorporated in and forming a part of this specification illustrate several aspects of the invention, and together with the description serve to explain the principles of the invention.

FIG. 1 illustrates a system incorporating a set-top box function providing client-side protection of broadcast or multicast multimedia content for non-real-time playback according to one embodiment of the present invention;

FIG. 2 illustrates the operation of the set-top box function to process a record request according to one embodiment of the present invention;

FIG. 3 illustrates the operation of the set-top box function to perform a recording process according to one embodiment of the present invention; and

FIG. 4 illustrates the operation of the system of FIG. 1 to enforce a copyright policy of multimedia content recorded by the set-top box function according to one embodiment of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

The embodiments set forth below represent the necessary information to enable those skilled in the art to practice the invention and illustrate the best mode of practicing the invention. Upon reading the following description in light of the accompanying drawing figures, those skilled in the art will understand the concepts of the invention and will recognize applications of these concepts not particularly addressed herein. It should be understood that these concepts and applications fall within the scope of the disclosure and the accompanying claims.

FIG. 1 illustrates a system 10 including a set-top box function 12 implementing the present invention. In general, the system 10 includes the set-top box function 12, a content server 14, a playback device 16, a license server 18, remote storage 20, a remote system 22, and a copyright policy server 24. Note that one or more of the content server 14, the license server 18, and the copyright policy server 24 may alternatively be implemented on the same server. In general, the set-top box function 12 receives multimedia content from the content server 14. The content server 14 may broadcast or multicast the multimedia content to a number of set-top box functions including the set-top box function 12 in a one-to-many fashion using, for example, Internet Protocol version 4 (IPv4), Internet Protocol version 6 (IPv6), or digital television broadcast such as a Cable Television (CATV) or satellite broadcast. In one embodiment, the content server 14 is an Internet Protocol Television (IPTV) server providing an IPTV service. The multimedia content received by the set-top box function 12 is preferably encrypted. In addition, the multimedia content may be encoded or compressed according to, for example, the MPEG2, MPEG4, H.264, or other standardized or proprietary protocol.

The set-top box function 12 then decrypts and optionally decompresses the multimedia content from the content server 14 and provides the decrypted, decompressed multimedia content to the playback device 16 for real-time playback. The playback device 16 may be, for example, a High Definition Multimedia Interface (HDMI)/High-bandwidth Digital Content Protection (HDCP) compliant television or the like. Note that while the discussion herein focuses on HDMI/HDCP as the preferred embodiment, the present invention is not limited thereto. The present invention is equally applicable to any digital multimedia output interface and associated Digital Rights Management (DRM) scheme. In addition, as discussed below in detail, if recording of the multimedia content is restricted, the set-top box function 12 re-encrypts the decrypted multimedia content using an encryption key obtained from the license server 18 and generates a packaged file including the re-encrypted multimedia content and one or more of a content identifier (ID) identifying the multimedia content, a set-top ID identifying the set-top box function 12, a Uniform Resource Locator (URL) or other reference to the copyright policy server 24, and a record policy for the multimedia content obtained from the license server 18. The set-top box function 12 then stores the packaged file either locally where the remote system 22 has access to the packaged file or remotely in the remote storage 20 associated with the remote system 22.

The remote system 22 may be a personal computer, multimedia center, Digital Video Recorder (DVR), portable media device, or the like connected to the set-top box function 12 via, for example, a Local Area Network (LAN). For example, the remote system 22 may be a personal computer connected to the set-top box function 12 via a LAN in an associated user's home. Using the URL of the copyright policy server 24, the remote system 22 then interacts with the copyright policy server 24 to obtain and enforce a copyright policy of the multimedia content. Note that the copyright policy server 24 is more generally referred to herein as a rights policy server. Likewise, the copyright policy is more generally referred to herein as a rights policy. The copyright policy for the multimedia content may be defined by the owner of the multimedia content, a broadcaster of the multimedia content, or the like. As discussed below, the manner in which the copyright policy is enforced depends on the details of the copyright policy. The copyright policy may require client-side watermarking of the multimedia content with the set-top ID of the set-top box function 12, the content ID of the multimedia content, and/or user specific information. As another example, the copyright policy may require that a desired Digital Rights Management (DRM) policy be enforced.

The present invention enables enforcement of a copyright policy for recorded multimedia content while keeping the set-top box function 12 relatively low-cost. More specifically, the set-top box function 12 generates a packaged file including the re-encrypted multimedia content and makes the packaged file accessible to the remote system 22. The remote system 22, rather than the set-top box function 12, then enforces the copyright policy by, for example, watermarking the multimedia content before releasing the multimedia content to the user in non-real-time. As such, client-side protection may be enforced by the remote system 22, which may be the user's personal computer, rather than the set-top box function 12. As a result, the cost of the set-top box function 12 is substantially reduced.

The set-top box function 12 is preferably a set-top box such as a digital cable television set-top box or an IPTV set-top box, or a sub-system of a set-top box such as a digital cable television or IPTV decoder. However, the present invention is not limited thereto. The set-top box function 12 may alternatively be a hardware and/or software function stored on a personal computer or the like.

In this embodiment, the set-top box function 12 includes a network interface (NIC) 26 for receiving the multimedia content from the content server 14. The network interface 26 may be a network interface card, digital television tuner, or the like enabling the set-top box function 12 to either tune to a desired broadcast channel or subscribe to a desired multicast channel. In this example, the multimedia content from the content server 14 is encrypted and compressed, or encoded, according to the MPEG2 standard, the MPEG4 standard, the H.264 standard, or some other standardized or proprietary compression technique.

A decryption function 28 operates to decrypt the multimedia content using a known key. Note that the key may be obtained from the content server 14 or an associated authentication system. A decompression function 30 decompresses the decrypted multimedia content. The multimedia content may then be provided to the playback device 16 for real-time playback via a secure digital interface, which in this example is an HDMI/HDCP interface 32. Again, note that while the discussion herein focuses on HDMI/HDCP as the preferred embodiment, the present invention is not limited thereto. The present invention is equally applicable to any digital multimedia output interface and associated Digital Rights Management (DRM) scheme. The HDMI/HDCP interface 32 ensures that the playback device 16 is an HDCP complaint device before providing the decrypted, decompressed multimedia content to the playback device 16 in order to prevent the decrypted, decompressed multimedia content from being recorded by an unauthorized device such as a non-complaint DVD recorder, personal computer, or DVR.

According to the present invention, when the multimedia content is desired to be recorded, an operating system 34, or control system, of the set-top box function 12 determines whether recording of the multimedia content is restricted. For example, if the multimedia content desired to be recorded is an episode of “The Office,” the operating system 34 determines whether recording of the episode or recording of the series “The Office” is restricted. The operating system 34 may determine whether recording is restricted by, for example, examining a broadcast flag within the multimedia content or sending a request to the license server 18. Alternatively, metadata describing the multimedia content such as the metadata included within an Electronic Programming Guide (EPG) may include information identifying whether recording is restricted.

If recording is restricted, the operating system 34 sends a request to the license server 18. The request may include the content ID of the multimedia content and a set-top ID 36 of the set-top box function 12. The content ID may be some identifier of the multimedia content provided by the content server 14. For example, the content ID may include information describing the multimedia content such as the title of the multimedia content obtained from the EPG based on clock information from a Real Time Clock (RTC) 38. The set-top ID 36 may be an identifier such as, for example, a serial number of the set-top box function 12, and may be used by the license server 18 to determine whether the set-top box function 12 is permitted to record the multimedia content for non-real-time playback in the manner described below.

In response to the request, the license server 18 returns an encryption key to be used to re-encrypt the multimedia content and optionally the URL of the copyright policy server 24 and a record policy for the multimedia content. The encryption key may be, for example, unique to the set-top box function 12, unique to the multimedia content, or unique to combination of the set-top box function 12 and the multimedia content. As discussed below, the URL of the copyright policy server 24 may later be used by the remote system 22 to contact the copyright policy server 24. The record policy may include advance information regarding the steps that will be necessary to obtain non-real-time access to the multimedia content. For example, the record policy may include information stating that the user will be required to purchase the multimedia content or pay a fee before non-real-time access is permitted, information indicating that client-side watermarking will be required, or information describing a DRM policy for the multimedia content.

An encryption and file packaging function 40 re-encrypts the multimedia content using the encryption key obtained from the license server 18 and generates the packaged file including the re-encrypted multimedia content. The packaged multimedia file also includes one or more of the content ID, the set-top ID 36, the URL of the copyright policy server 24, and the record policy for the multimedia content. In one embodiment, the packaged multimedia file is stored in local storage 42 and may be thereafter accessed by the remote system 22. The local storage 42 may be, for example, one or more hard disc drives, internal or removable memory, or the like. In another embodiment, the packaged multimedia file is transferred to the remote system 22 via a network interface (NIC) 44 and stored in the remote storage 20. Although illustrated separately, the network interface 44 may alternatively be the same network interface 26 used to receive the multimedia content from the content server 14. The packaged file may be transferred to the remote system 22 over a LAN or alternatively some direct wired or wireless connection. Note that during or before the transfer, the packaged media file may be temporarily stored in the local storage 42. As another alternative, the set-top box function 12 may transfer the packaged file directly to the remote storage 20. For example, the remote storage 20 may be a network device, and the set-top box function 12 may transfer the packaged multimedia file to the remote storage 20 via a LAN. As another example, the set-top box function 12 may transfer the packaged multimedia file to the remote storage directly over a direct wired or wireless connection.

If recording is not restricted, the set-top box function 12, and in this embodiment the encryption and file packaging function 40, may store the decrypted multimedia content from the decryption function 28 in the local storage 42 or, alternatively, the remote storage 20.

Notably, the decryption function 28, the decompression function 30, the HDMI/HDCP interface 32, and the encryption and file packaging function 40 are preferably, but not necessarily, implemented on a single integrated circuit (IC) 46 to prevent unauthorized access to the decrypted multimedia content. For example, the decryption function 28, the decompression function 30, the HDMI/HDCP interface 32, and the encryption and file packaging function 40 may be implemented on a single Application Specific Integrated Circuit (ASIC) or Field Programmable Gate Array (FPGA). As such, a user is unable to probe wiring or connections between the decryption function 28, the decompression function 30, the HDMI/HDCP interface 32, and the encryption and file packaging function 40 to obtain an unprotected copy of the multimedia content.

FIG. 2 illustrates the operation of the set-top box function 12 for handling a record request. The record request may be from a user interacting with the set-top box function 12. Alternatively, the user may interact with, for example, the remote system 22 such that a record request is provided to the set-top box function 12. First, the set-top box function 12 receives record parameters generally identifying the multimedia content desired to be recorded (step 100). The record parameters may include, for example, a channel, time, and date on which the desired multimedia content will be broadcast. The set-top box function 12 then checks for non-real-time playback restrictions for the desired multimedia content (step 102). The set-top box function 12 may check for non-real-time playback restrictions by examining the multimedia content to determine whether a broadcast flag is set, sending a request to the content server 14 or some associated system, or examining metadata describing the desired multimedia content provided to the set-top box function 12 as, for example, part of an EPG.

If recording is restricted (step 104), the set-top box function 12 then sends a request to the license server 18 for an encryption key to be used for re-encrypting the desired multimedia content and optionally one or more of the URL for the copyright policy server 24 and the record policy for the desired multimedia content (step 106). The request may include the content ID of the desired multimedia content and optionally the set-top ID 36 of the set-top box function 12. As mentioned above, the encryption key returned by the license server 18 may be unique to the desired multimedia content, unique to the set-top box function 12, or unique to the combination of the desired multimedia content and the set-top box function 12. The URL of the copyright policy server 24 may be used later by the remote system 22 to contact the copyright policy server 24. The record policy may include advance information regarding the steps that will be necessary to obtain non-real-time access to the multimedia content. For example, the record policy may include information stating that the user will be required to purchase the multimedia content or pay a fee before non-real-time access is permitted, information indicating the client-side watermarking will be required, or information describing a DRM policy for the multimedia content.

If the requested data is not obtained from the license server 18 (step 108), the set-top box function 12 notifies the user (step 110). The requested data may not be obtained where a network connection to the license server 18 is lost or interrupted or if the set-top box function 12 is not permitted to record the desired multimedia content for non-real-time playback. Optionally, the process may return to step 106 and repeat. At some point, if the requested data is not obtained from the license server 18, the recording process is aborted (step 112). The process may be aborted, for example, after the first time the set-top box function 12 fails to obtain the requested data from the license server 18 or after a predetermined number of iterations through steps 106-110.

Returning to step 108, if the set-top box obtains the requested data from the license server 18, the set-top box function 12 then stores the requested data (step 114). The set-top box function 12 also stores the record parameters and waits for the broadcast or multicast of the desired multimedia content (step 116).

Returning to step 104, if recording of the desired multimedia content is not restricted, the set-top box function 12 stores the record parameters and waits for the broadcast or multicast of the desired multimedia content (step 116).

FIG. 3 illustrates the operation of the set-top box function 12 during reception of multimedia content desired to be recorded according to one embodiment of the present invention. Note that the process of FIG. 2 may have previously been performed when the recording of the multimedia content was initially programmed.

First, at some point prior to or at the beginning of the broadcast or multicast of the desired multimedia content, the set-top box function 12 tunes to the desired channel (step 200). As used herein, “tune” may be subscribing to the corresponding multicast channel or tuning a digital television tuner to the corresponding channel. In this example, the set-top box function 12 checks for non-real-time playback restrictions (step 202). Even though this step was also performed in the process of FIG. 2, it may be desirable here in order to determine whether the recording restrictions for the desired multimedia content have changed.

If recording is restricted (step 204), the set-top box function 12 then sends a request to the license server 18 for the encryption key to be used for re-encrypting the desired multimedia content and optionally one or more of the URL for the copyright policy server 24 and the record policy for the desired multimedia content (step 206). Like step 202, step 206 is optional. If the requested data is not obtained from the license server 18 (step 208), the set-top box function 12 determines whether the requested data has been previously obtained from the license server 18 during the process of FIG. 2 (step 210). If the requested data has not been previously obtained, the set-top box function 12 notifies the user (step 212) and aborts the recording process (step 214). The set-top box function 12 then plays the desired multimedia content within compliant real-time display parameters (step 216). More specifically, the multimedia content is decrypted, decompressed and provided to the playback device 16 via the HDMI/HDCP interface 32.

Returning to steps 208 and 210, if the set-top box function 12 obtains the requested data from the license server 18 or has previously obtained the requested data from the license server 18, the set-top box function 12 stores the requested data if necessary and generates an open file including one or more of the URL of the copyright policy server 24, the content ID of the desired multimedia content, the set-top ID 36, and the record policy of the desired multimedia content (step 218). The set-top box function 12 then re-encrypts the decrypted multimedia content from the decryption function 28 using the encryption key from the license server 18 and stores the re-encrypted multimedia content in the open file, thereby generating the packaged multimedia file (step 220). As discussed above, the packaged multimedia file may be stored locally in the local storage 42 or stored remotely in the remote storage 20. Note that if remote storage is desired, the packaged file may or may not be temporarily stored locally by the set-top box function 12 prior to transfer to the remote storage 20.

Returning to step 204, if recording of the desired multimedia content is not restricted, the set-top box function 12 plays the desired multimedia content within compliant real-time display parameters (step 216). More specifically, the multimedia is content decrypted, decompressed and provided to the playback device 16 via the HDMI/HDCP interface 32.

FIG. 4 illustrates the operation of the remote system 24 to obtain the packaged multimedia file and to enforce the copyright policy for the multimedia content when releasing the multimedia content for non-real-time playback. In general, as discussed above, the content server 14 broadcasts or multicasts multimedia content to the set-top box function 12 (step 300). Assuming that recording is desired and that recording is restricted, the set-top box function 12 decrypts the multimedia content for real-time playback, re-encrypts the decrypted multimedia content with the encryption key obtained from the license server 18, and generates the packaged multimedia file (step 302). Whether the packaged multimedia file is stored locally at the set-top box function 12 or remotely in the remote storage 20, the packaged multimedia file is provided to the remote system 22 at some point (step 304).

In order to release the multimedia content for non-real-time playback, the remote system 22 requests a copyright policy for the multimedia content from the copyright policy server 24 using the URL for the copyright policy server 24 stored in the packaged multimedia file (step 306). Alternatively, the remote system 22 may already know the URL of the copyright policy server 24, in which case the URL in the packaged multimedia file is optional. In response to the request, the copyright policy server 24 returns the copyright policy for the multimedia content to the remote system 22 (step 308). The copyright policy may, for example, require client-side watermarking of the multimedia content with information identifying the multimedia content, the set-top box function 12, and/or the associated user. As another example, the copyright policy may be a DRM policy for the multimedia content. The DRM policy may be, for example, a maximum number of times that that multimedia content may be played, a maximum number of devices to which the multimedia content may be copied or on which the multimedia content may be played, or the like. In addition or alternatively, the copyright policy may require that the user purchase the multimedia content or pay a fee for non-real-time playback of the multimedia content.

Upon receiving the copyright policy, the remote system 22 and the copyright policy server 24 interact to enforce the copyright policy (step 310). Enforcing the copyright policy may include, for example, watermarking the multimedia content before releasing the multimedia content for non-real-time playback, enforcing a DRM policy, and/or conducting an e-commerce transaction during which the user purchases the multimedia content or otherwise pays for non-real-time playback of the multimedia content.

As a first example, in order to enforce the copyright policy, the copyright policy server 24 or an associated server may obtain the key for decrypting the re-encrypted multimedia content from the license server 18 and provide an executable watermarking application and the key to the remote system 22. Alternatively, the key may be embedded in the executable watermarking application or obtained by the executable watermarking application from the copyright policy server 24 or the license server 18 during execution. The remote system 22 may then run the executable watermarking application, where the executable watermarking application decrypts the re-encrypted multimedia content in the packaged multimedia file and watermarks the multimedia content with, for example, one or more of the content ID from the packaged multimedia file, the set-top ID 36 from the packaged multimedia file, and user specific information. The user specific information may include information such as the name of the user of the set-top box function 12 and/or the user of the remote system 22, a credit card number of a credit card used for an e-commerce transaction to purchase the multimedia content or pay a fee for non-real-time playback, or the like. Once the multimedia content is watermarked, the watermarked multimedia content may be released and stored for non-real-time playback by the remote system 22 and/or the set-top box function 12. Still further, the watermarked multimedia content 12 may be transferred to the set-top box function 12 and stored locally in the local storage 42.

In another embodiment, the executable watermarking application may watermark the multimedia content with information identifying the user such as the set-top ID 36 and/or the user information and with information identifying the content such as the content ID and/or information identifying the content owner. These watermarks can be said to be a content specific watermark and a user specific watermark. The copyright policy server 24 may provide a digital certificate including information corresponding to the content specific watermark and the user specific watermark, wherein access to the watermarked multimedia content may be controlled based on a comparison of the digital certificate and the watermarks in the multimedia content. For example, full access may be provided if the information in the digital certificate matches both the content specific watermark and the user specific watermark. Limited access may be provided if the digital certificate matches only the content specific watermark. As such, if the user loses the watermarked multimedia content, the user may obtain another copy of the watermarked multimedia content and still have limited access. For more information, the interested user is directed to U.S. patent application Ser. No. 11/565,013, entitled MULTIPLE WATERMARKS FOR DIGITAL RIGHTS MANAGEMENT (DRM) AND CONTENT TRACKING, which was filed on Nov. 30, 2006 and is hereby incorporated by reference in its entirety.

As another example, client-side watermarking may be performed in a manner similar to that discussed above. However, in this example, the copyright policy server 24 may provide a unique ID to be used for client-side watermarking. The unique ID may be stored in a remote database associated with the copyright policy server 24. In order to identify the user, the set-top ID 36 and/or user specific information is provided to the copyright policy server 24 and stored in the database in association with the unique ID used for watermarking.

As another example, the remote system 22 may provide the re-encrypted multimedia content to the copyright policy server 24 or associated system. The copyright policy server 24 or associated system may then generate an executable package including the re-encrypted multimedia content and the key for decrypting the re-encrypted multimedia content. The executable package is returned to the remote system 22. Upon execution, the executable package forces client-side watermarking of the multimedia content before the multimedia content is released for storage and non-real-time playback. For more information, the interested reader is directed to U.S. patent application Ser. No. 11/554,317, entitled EXECUTABLE PACKAGE FORCING WATERMARKING OF EMBEDDED DIGITAL MEDIA CONTENT, which was filed on Oct. 30, 2006 and is hereby incorporated by reference in its entirety.

As a final example, the multimedia content may be compressed according to MPEG2, MPEG4, H.264, or the like. In addition to the multimedia content, the set-top box function 12 may receive a number of hybrid I-Frames (or I-Slices), where the hybrid I-Frames are low-loss versions of one or more of the I-Frames in the multimedia content stream. In this example, the hybrid I-Frames are also encrypted and stored in the packaged multimedia file. Then, in order to watermark the multimedia content, the hybrid I-Frames are watermarked and used to replace the corresponding I-Frames in the multimedia content stream. Watermarking may be performed by an executable watermarking application provided by the copyright policy server 24 or by an executable package having the encrypted multimedia content and hybrid I-Frames embedded therein in a manner similar to that described above. For more information, the interested reader is directed to U.S. patent application Ser. No. 11/555,707, entitled CLIENT-SIDE WATERMARKING USING HYBRID I-FRAMES, filed on Nov. 2, 2006 and U.S. patent application Ser. No. 11/555,709, entitled SELECTION OF I-FRAMES FOR CLIENT-SIDE WATERMARKING, filed on Nov. 2, 2006, which are hereby incorporated by reference in their entireties.

Those skilled in the art will recognize improvements and modifications to the preferred embodiments of the present invention. All such improvements and modifications are considered within the scope of the concepts disclosed herein and the claims that follow. 

1. A method for providing client-side protection of multicast multimedia content for non-real-time playback comprising: receiving a record request for content; receiving the content over a network interface from a multicast network; decrypting the content; determining if non real-time playback of the content is restricted; sending a request to a licensing server if non real-time playback is restricted; receiving a record policy for the content identifying non real-time playback restrictions in response to the request; receiving a unique encryption key for the content; re-encrypting the content into a file using the encryption key, the file including a content ID, a set-top-box function ID, and a reference to a policy server; and sending the file to a remote system.
 2. The method of claim 1 wherein the content is IPTV.
 3. The method of claim 1 wherein the policy server provides a copyright policy to the remote system.
 4. The method of claim 3 wherein the copyright policy is used to effect non-real-time playback of the content.
 5. The method of claim 3 wherein the copyright policy includes a Digital Rights Management policy.
 6. The method of claim 1 wherein the record policy is included with the file.
 7. The method of claim 1 wherein the record policy reflects a watermarking requirement of the content.
 8. The method of claim 7 wherein the remote system watermarks the content.
 9. The method of claim 8 wherein watermarking parameters are provided by the copyright policy server.
 10. The method of claim 9 wherein the watermarking parameters comprise at least one of a group consisting of: the set-top box function ID, the content ID, and user specific information.
 11. The method of claim 1 wherein the content is compressed in a MPEG2, MPEG4, or H264 or the like.
 12. The method of claim 11 wherein additional low-loss content is received with the compressed content.
 13. The method of claim 11 wherein the low-loss content is associated with at least one of a group consisting of: I-Frames or I-Slices.
 14. The method of claim 1, where the method is performed using a set top box having a set top function.
 15. A system comprising: a) a control system configured to: i) receive a request to record content; ii) determine if non real-time playback of the content is restricted; iii) send a request to a licensing server if non real-time playback is restricted; iv) receive a record policy for the content identifying non real-time playback restrictions in response to the request; and v) receive a unique encryption key for the content; b) a decryption function configured to decrypt the content to provide decrypted content for real-time playback; c) an encryption function adapted to, if recording of the content is restricted, re-encrypt the decrypted content into a file, the file including a content ID, a set-top-box function ID, and a reference to a policy server; and d) a network interface configured to: i) receive the content from a content server; and ii) send the re-encrypted file to a remote system.
 16. The system of claim 15 wherein the content is IPTV.
 17. The system of claim 15 wherein the policy server provides a copyright policy.
 18. The system of claim 17 wherein the copyright policy is used to effect nonreal-time playback of the content.
 19. The system of claim 17 wherein the copyright policy includes a Digital Rights Management policy.
 20. The system of claim 15 wherein the record policy is included with the file.
 21. The system of claim 15 wherein the record policy reflects a watermarking requirement of the content.
 22. The system of claim 21 wherein the system watermarks the content.
 23. The system of claim 22 wherein watermarking parameters are provided by the copyright policy.
 24. The system of claim 23 wherein the watermarking parameters comprise at least one of a group consisting of: the set-top box function ID, the content ID, and user specific information.
 25. A method of controlling playback of recorded content from a multimedia storage device comprising: receiving a file having encrypted content, a set-top box function ID, a content ID, and a reference to a policy server; requesting a copyright policy from the policy server using the reference to the policy server; receiving the copyright policy from the policy server; and effecting playback of the content in accordance with the copyright policy.
 26. The method of claim 25, wherein controlled playback of the recorded content is effected at a remote system.
 27. The method of claim 26 wherein the copyright policy reflects a watermarking requirement of the content.
 28. The method of claim 27 wherein the remote system watermarks the content.
 29. The method of claim 28 wherein watermarking parameters are provided by the policy server.
 30. The method of claim 29 wherein the watermarking parameters comprise at least one of a group consisting of: the set-top box function ID, the content ID, and user specific information.
 31. The method of claim 25, wherein the encrypted multimedia content is generated by a set-top box function.
 32. The method of claim 31, wherein the set-top box function is coupled to a broadcast service.
 33. The method of claim 31, wherein the set-top box function is coupled to a multicast service.
 34. The method of claim 25, wherein the reference to the copyright policy server is a URL.
 35. The method of claim 25 wherein the copyright policy includes a Digital Rights Management policy. 